10 Reasons to Create a Disaster Recovery Plan

datacentre with servers and disaster recovery

A disaster recovery plan is your insurance against serious cyber attacks, hardware failure, power outages, and human error. A range of policies, tools, and technologies make up an effective plan. The end goal is always the same: get your business operating as normal in as short a time as possible.

1. Ransomware now appears in 88% of breaches at small and medium-sized businesses

SMBs experienced ransomware in 88% of breach cases in 2025, compared with 39% at large enterprises. Attackers specifically target smaller businesses because they typically lack the layered defences and recovery readiness of larger organisations. (Source: Verizon 2025 Data Breach Investigations Report)

2. Ransomware is involved in 44% of all confirmed breaches

This is a sharp rise from 32% the year before, and ransomware has now overtaken stolen credentials as the most common action in breaches. (Source: Verizon 2025 DBIR)

3. Security incidents are now the leading cause of SMB downtime

84% of firms cite security incidents as their number one cause of downtime, ahead of human error, inadequate hardware, and outdated software. (Source: ITIC 2024 Hourly Cost of Downtime Report)

4. AI-generated phishing emails have doubled

Attackers are increasingly using generative AI to write more convincing phishing emails, removing many of the spelling and grammar errors that used to make them easier to spot. (Source: Verizon 2025 DBIR)

5. Human error caused a major outage at nearly 40% of organisations

Of those incidents, 85% were caused by failing to follow procedures or by flaws in the processes themselves, often linked to understaffing or insufficient training. (Source: Uptime Institute 2025 Annual Outage Analysis Report)

6. 1 in 5 SMBs could not survive a breach costing as little as $10,000

The financial impact of a serious incident is often underestimated. A significant proportion of small businesses report they would not be able to recover from a comparatively modest breach. (Source: VikingCloud 2025 SMB Threat Landscape Report)

7. Median ransomware payments fell, but refusal to pay rose to 64%

More businesses are refusing to pay ransoms than ever before, up from 50% just two years ago. This is only a safe position to take if a proper backup and recovery plan is already in place. Without one, refusing to pay simply means the data stays lost. (Source: Verizon 2025 DBIR)

8. Only a third of organisations follow recommended backup best practices

Backup frequency and testing discipline vary significantly between businesses, and a substantial proportion fall short of recommended practice, often because backup processes were set up once and never revisited as the business grew. (Source: Acronis Cyber Protection Week Global Report)

9. Unplanned downtime now regularly costs over $100,000 per incident

Even outside large enterprises, the financial impact of unplanned downtime — lost revenue, lost productivity, and recovery costs — adds up quickly. For a typical SME, even a single day of significant disruption represents a meaningful financial hit. (Source: Uptime Institute, 2025)

10. Outage frequency is rising, not falling

More businesses are reporting network outages now than in previous years, with over half experiencing a notable increase over the past two years. The trend is moving in the wrong direction, which makes having a tested recovery plan more important, not less. (Source: Industry outage tracking studies, 2025)

Preventative measures are essential to protect your business data. Proper backup is a vital part of this, but as the statistics above show, a backup alone is not a complete plan. Read more about how backup and disaster recovery work together on our Backup and Disaster Recovery page, or see our specific Server Backups and Microsoft 365 Disaster Recovery pages for how we protect on-premise and cloud systems.

One monthly fee. One number to call. The day-to-day risk of your business not being able to recover from a serious incident becomes our job, not yours.

Book your free site survey   or call +44 (0) 207 403 4031

FAQ

Common questions

What is a disaster recovery plan?

A disaster recovery plan is a set of policies, tools, and procedures designed to restore your business’s ability to operate after a serious incident — a cyber attack, hardware failure, power outage, or human error. The goal is to get your business back to normal operation in as short a time as possible, with minimal data loss and disruption.

Why are small businesses more at risk from ransomware than large enterprises?

According to Verizon’s 2025 Data Breach Investigations Report, ransomware appeared in 88% of breaches affecting small and medium-sized businesses, compared with 39% at large enterprises. Attackers specifically target smaller businesses because they typically lack the layered defences, dedicated security teams, and tested recovery plans that larger organisations have in place, making them easier and more profitable targets.

Should we pay a ransom if our business is hit by ransomware?

Increasingly, businesses are refusing to pay, with 64% of organisations declining in 2025, up from 50% two years earlier. However, refusing to pay is only a safe option if you have a tested, working backup and recovery plan already in place. Without one, refusing to pay simply means the data is permanently lost. This is exactly why a disaster recovery plan needs to be in place and tested before an incident happens, not decided in the moment.

How much does downtime actually cost a small business?

Unplanned downtime now regularly costs organisations over $100,000 per incident when lost revenue, lost productivity, and recovery costs are accounted for, according to Uptime Institute research. For a typical SME, even a single day of significant disruption represents a meaningful financial hit, often disproportionately larger relative to a small business’s overall revenue compared to a large enterprise.

Is human error really a major cause of IT disasters?

Yes. Human error caused a major outage at nearly 40% of organisations in 2025, according to the Uptime Institute’s Annual Outage Analysis Report, with the large majority of those incidents traced back to failure to follow procedures or flaws in the processes themselves. A proper disaster recovery plan accounts for human error as a realistic and common cause of incidents, not just external attacks.

Are AI-generated phishing emails making disaster recovery more important?

Indirectly, yes. AI-generated phishing emails have become significantly more convincing, removing many of the spelling and grammar errors that used to make them easier to spot. As successful phishing attempts become more likely, the chance of a resulting ransomware infection or data breach increases, which makes having a tested recovery plan in place more important, not less.

What is the difference between having backups and having a disaster recovery plan?

Backups are one component of a disaster recovery plan, but they are not the same thing. A disaster recovery plan includes backups alongside a clear, tested process for restoring your business’s operations — who does what, how quickly systems come back online, and how data is recovered. A business can have backups running and still lack a genuine recovery plan if that process has never been defined or tested.

Does Network Fish help businesses create a disaster recovery plan?

Yes. We help assess your current backup and recovery arrangements, identify gaps, and design a disaster recovery plan suited to your business, covering both on-premise systems and cloud platforms like Microsoft 365. See our Server Backups and Microsoft 365 Disaster Recovery pages for the specific services involved, or get in touch for a free site survey.